Trust Assessment
kit-automation received a trust score of 73/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via RUBE_REMOTE_WORKBENCH.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 17, 2026 (commit 99e2a295). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Potential Command Injection via RUBE_REMOTE_WORKBENCH The skill's 'Quick Reference' section lists `RUBE_REMOTE_WORKBENCH` with `run_composio_tool()` as an approach for 'Bulk ops'. The term 'Workbench' commonly implies an environment for executing code or commands. If `RUBE_REMOTE_WORKBENCH` or the `run_composio_tool()` function allows arbitrary code execution, shell commands, or the execution of Composio tools with unconstrained arguments, it presents a critical command injection vulnerability. An attacker could craft prompts to induce the LLM to utilize this mechanism to execute malicious code or commands in the underlying environment. Clarify the exact capabilities and security implications of `RUBE_REMOTE_WORKBENCH` and `run_composio_tool()`. If it allows arbitrary code execution, it should be removed from the skill's exposed capabilities or heavily restricted and sandboxed. If it's intended for specific, safe operations, provide explicit examples of its usage and ensure strict input validation and least privilege principles are applied to the underlying execution environment. | LLM | SKILL.md:80 |
Scan History
Embed Code
[](https://skillshield.io/report/2102dae89c08a4df)
Powered by SkillShield